dot org slash blog

The iPhone Twitter app finally tipped the scales and got me curious, so I registered.

Maybe this will keep a lot of one line observations of mine off IRC.

http://twitter.com/sklnd

The aspect of the iPhone that made me hesitate in buying one the most was losing my ability to gain internet connectivity on my laptop though my phone. I’ve used this when I’m out of town at times to get connectivity, and it’s been quite the handy tool when there are no wifi hotspots to be found.

Today, I jailbroke my phone and managed to get a SOCKS proxy running on it. With a bit of Ad-Hoc wifi from my laptop, browsing the web with more Gs was easily at my fingertips. Here’s what I did.

1. Jailbreak the iPhone. I used winpwn. It was pretty easy, and the internet will tell you how.
2. Install 3proxy, insomniac, and either OpenSSH or mobile terminal.
3. Either from a ssh session or the terminal, run proxy
4. Set up a DHCP server on the laptop. This requires a config file, which I’ll include later. You could also use a static IP if that’s your bag.
5. Bring the wifi card down and set it in Ad-Hoc mode. I did this using NetworkManager because I’ve become lazy, but its pretty easy to do with iwconfig as well.
6. Take the wifi card up and assign it an IP in the same subnet as what your dhcp server is using.
7. Turn on insomnia so your wifi connection doesn’t get shut down when the device goes idle.
8. Have the iPhone connect to the Ad-Hoc network. I left dhcpd in foreground mode with debug on to watch the phone request an IP.
9. Set firefox to use a SOCKS v5 proxy on port 1080 with the IP address your phone.
10. Enable network.proxy.socks_remote_dns in about:config in Firefox. You need DNS to be routed across the proxy rather than firefox trying to hit whatever (likely invalid) nameserver is in /etc/resolv.conf
11. Enjoy the internets.

The end result is your traffic goes over wifi to a proxy on the iPhone, and then out the 3G radio to ATT’s network. It’s a little flaky and to be honest I only plan on using this when I have no other means of using the Internet and I really need connectivity. The 3G network aspect of this is rather nice compared to the EDGE speeds I was used to with the Pearl. Being able to talk to the GPRS modem on the phone was much more functional, though. Proxies are a pain. I haven’t checked to see if ping times are worse or better over HSDPA versus EDGE.

As for the dhcpd.conf, it was pretty minimalist:

ddns-update-style ad-hoc;
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.10 192.168.1.20;
}

It could be simpler, and I could do static IP assignment so I don’t have to adjust Firefox’s proxy settings, but it worked long enough as a proof of concept.

I recently purchased a certain popular phone to replace my flaky blackberry. I have more Gs now. This device has a Assisted GPS functionality.  The first time I tried this feature out, it told me I was located somewhere near Dallas North Tollway and Keller Springs in Dallas, Texas.

This phone has never been to that location.

I used to live at that location a number of months ago.

Why does my magic phone know where I used to live before I owned it?

There must be something in common with my current location and my previous location. Hmm. My old apartment, despite being in a gated community, was situated rather close to Knoll Trail Drive, just north of Keller Springs. The location on the map pinpoints me to right about there. What sort of data could Apple be using to locate me when GPS doesn’t work (like now, when I’m indoors?)

In addition to A-GPS, iPhone 3G uses signals from GPS satellites, Wi-Fi hot spots, and cellular towers to get the most accurate location fast. If GPS is available, iPhone displays a blue GPS indicator. But if you’re inside — without a clear line of sight to a GPS satellite — iPhone finds you via Wi-Fi. If you’re not in range of a Wi-Fi hot spot, iPhone finds you using cellular towers.

I’m indoors, so GPS isn’t terribly useful. There’s a gazillion wifi beacons buzzing around me right now, so why would…. OH. Hey. Someone surveyed MY access point, with its old location south of here, as it was located maybe 20 feet from a public roadway. Then, I moved to an area far enough back from a road to not get surveyed, and all of the sudden when GPS fails the only AP providing them with a location cross-reference is the one on my desk, and it “reports” incorrectly.

So, Apple’s superphone relies on data to divine location in certain situations that’s inaccurate and more awesomely exploitable. Sweet. Now I just need a list of AP names or (more likely) MAC addresses, and I could simulate being located in just about anywhere that has been surveyed when I’m indoors.